Penetration Tester

S-RM


Date: 2 weeks ago
Contract type: Full time
Remote

Offensive Security Analysts support our delivery consultants running our offensive security services. They help to interpret client challenges, innovate solutions, and deliver findings. Our aim is to become trusted advisors to our clients.


You will work across the full spectrum of our pen testing services, whether point in time or continuous, as well as participate in larger engagements such as red teams. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks.


MAIN DUTIES AND RESPONSIBILITIES


Client Engagement and Account Management


  • Engage with clients to understand their cyber security challenges
  • Translate client challenges into solutions that fit S-RM’s Offensive Security service offering and value proposition
  • Develop an understanding of delivery timelines, project resourcing requirements and pricing
  • Understand S-RM’s proposal process and lead on proposal writing and presentations in some cases
  • Contribute to the expansion of client accounts and winning of new business
  • Gain an understanding of S-RM’s target sectors and industries


Offensive Security


  • Penetration testing
  • Vulnerability assessments and monitoring
  • External infrastructure
  • External Attack Surface Management
  • Web application
  • API pentesting
  • Phishing and spear phishing
  • Internal pentesting
  • Mobile application pentesting (Android and iOS)
  • OT Pentesting
  • IOT Pentesting
  • Cloud Pentesting
  • Open-Source Intelligence (OSINT) gathering
  • Configuration Reviews
  • Cloud configuration review
  • Application configuration review
  • Hardware build review
  • Firewall review



Delivery & Client communications


  • Deliver findings in a range of formats, including written reports, presentations, and verbal briefings
  • Threat Intelligence
  • Keep abreast of threat intelligence developments, threat actor activity and security industry developments in mitigations and tooling
  • Develop and deliver client threat profiles, threat assessments and dark web analysis


Project Management


  • Support vCISO engagements, accessing the full range of S-RM’s resources and expertise
  • Collaborate with incident response, ethical hacking, and digital forensics teams to integrate our services and support to clients
  • Support the delivery of retainer relationships
  • Support the delivery of the Attack Surface Management (ASM) service


Internal Initiatives and Strategy


  • Support internal initiatives on product development, process management, tech enablement, efficiency and exploring different ways to support clients
  • Contribute to the adaption of security frameworks to create innovative products
  • Challenge received wisdom and existing products and services. Suggest alternative approaches where appropriate
  • Develop documentation and evolve the testing methodologies where applicable



Professional Development and Domain Knowledge


  • Commit to continuous professional development and personal knowledge improvement across the full range of cyber security competencies, in line with personal utilisation targets (see Objectives)
  • Complete up to one formal training course over the financial year. This is beyond internal training sessions
  • Share knowledge with the wider team in line with company values, including contributing to internal training initiatives and programmes



The successful candidate must have permission to work in South Africa by the start of their employment.


Our benefits


We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:


  • 23 days holiday per year in addition to public holidays (+1 day for every year of service up to a maximum of 30 days in total);
  • Hybrid working and flexible working hours;
  • Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
  • Life Insurance 4X annual salary.


Parental Support:


  • Fertility treatment leave – 5 days of leave per cycle of treatment per year;
  • Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
  • Paternity leave – 6 weeks of full pay.


Various Health and Medical Benefits including:


  • Medical Aid (taxable benefit) for you and your immediate family
  • EAP program for you and your immediate family;
  • Free access to the world-famous mindfulness app.



To apply for this role, please submit an up-to-date CV through this link: Job Application for Offensive Security Analyst at S-RM

Post a CV

See more Remote jobs